commit 7fcf7e9bfb7d3429d5ab8ec48716ff790c7b7094 · nekomimi.pet/nixcfg

+17

common/vnc.nix

···

       1
       1
       +
       { pkgs, config, ...}:

     

       2
       2
       +
       

     

       3
       3
       +
       {  

     

       4
       4
       +
         services.xserver.enable = true;

     

       5
       5
       +
         services.xserver.displayManager.autoLogin = {

     

       6
       6
       +
           enable = true;

     

       7
       7
       +
           user = "regent";

     

       8
       8
       +
         };

     

       9
       9
       +
       

     

       10
       10
       +
         services.xserver.displayManager.sessionCommands = ''

     

       11
       11
       +
           ${pkgs.x11vnc}/bin/x11vnc -rfbauth $HOME/.vnc/passwd &

     

       12
       12
       +
         '';

     

       13
       13
       +
       

     

       14
       14
       +
         services.xserver.desktopManager.xfce = {

     

       15
       15
       +
           enable = true;

     

       16
       16
       +
         }

     

       17
       17
       +
       };

+9

flake.nix

···

       15
       15
        
             url = "github:0xc000022070/zen-browser-flake";

     

       16
       16
        
             inputs.nixpkgs.follows = "nixpkgs";

     

       17
       17
        
           };

     

       18
       18
       +
           #microvm.url = "github:astro/microvm.nix";

     

       19
       19
       +
           #microvm.inputs.nixpkgs.follows = "nixpkgs";

     

       18
       20
        
       

     

       19
       21
        
           catppuccin.url = "github:catppuccin/nix";

     

       20
       22
        
           home-manager = {

     
···

       45
       47
        
                 modules = [

     

       46
       48
        
                   ./hosts/focalor

     

       47
       49
        
                   lix-module.nixosModules.default

     

       50
       50
       +
       

     

       51
       51
       +
                   /*microvm.nixosModules.host

     

       52
       52
       +
                   {

     

       53
       53
       +
                     microvm.autostart = [

     

       54
       54
       +
                       "windows"

     

       55
       55
       +
                     ];

     

       56
       56
       +
                   }*/

     

       48
       57
        
       

     

       49
       58
        
                   vscode-server.nixosModules.default

     

       50
       59
        
                   agenix.nixosModules.default

+32 -2

hosts/focalor/default.nix

···

       6
       6
        
           # Host-specific hardware

     

       7
       7
        
           ./hardware.nix

     

       8
       8
        
           ./secrets.nix

     

       9
       9
       +
           ./vfio.nix

     

       9
       10
        
           

     

       10
       11
        
           # Common modules shared across hosts

     

       11
       12
        
           ../../common/system.nix

     
···

       16
       17
        
           # Desktop modules

     

       17
       18
        
           ../../common/desktop/core.nix

     

       18
       19
        
           ../../common/desktop/sway.nix

     

       20
       20
       +
           ../../common/desktop/vnc.nix

     

       19
       21
        
       

     

       20
       22
        
           # Nvidia

     

       21
       23
        
           ../../common/nvidia.nix

     
···

       34
       36
        
         networking.hostName = "focalor";

     

       35
       37
        
         networking.hostId = "84bdc587";

     

       36
       38
        
       

     

       37
       37
       -
         networking = {

     

       39
       39
       +
         systemd.network = {

     

       40
       40
       +
           enable = true;

     

       41
       41
       +
           netdevs."br0" = {

     

       42
       42
       +
             netdevConfig = {

     

       43
       43
       +
               Name = "br0";

     

       44
       44
       +
               Kind = "bridge";

     

       45
       45
       +
             };

     

       46
       46
       +
           };

     

       47
       47
       +
           networks = {

     

       48
       48
       +
             "10-lan" = {

     

       49
       49
       +
               matchConfig.Name = ["enp5s0" "vm-*"];

     

       50
       50
       +
               networkConfig = {

     

       51
       51
       +
                 Bridge = "br0";

     

       52
       52
       +
               };

     

       53
       53
       +
             };

     

       54
       54
       +
             "10-lan-bridge" = {

     

       55
       55
       +
               matchConfig.Name = "br0";

     

       56
       56
       +
               networkConfig = {

     

       57
       57
       +
                 Address = ["10.0.0.34/24" "2601:5c2:8400:26c0:aaa1:59ff:fe94:5aba/64"];

     

       58
       58
       +
                 Gateway = "10.0.0.1";

     

       59
       59
       +
                 DNS = ["10.0.0.210" "1.1.1.1"];

     

       60
       60
       +
                 IPv6AcceptRA = true;

     

       61
       61
       +
               };

     

       62
       62
       +
               linkConfig.RequiredForOnline = "routable";

     

       63
       63
       +
             };

     

       64
       64
       +
           };

     

       65
       65
       +
         };

     

       66
       66
       +
       

     

       67
       67
       +
         /*networking = {

     

       38
       68
        
           firewall.enable = false;

     

       39
       69
        
           firewall.trustedInterfaces = [

     

       40
       70
        
       	    "tailscale0"

     
···

       42
       72
        
           nameservers   = [ "10.0.0.210" "1.1.1.1" ];

     

       43
       73
        
           useDHCP       = true;

     

       44
       74
        
           firewall.allowedTCPPorts = [22 80 443 2456 2457 9000 9001 9002]; 

     

       45
       45
       -
         };

     

       75
       75
       +
         };*/

     

       46
       76
        
       

     

       47
       77
        
         services.resolved = {

     

       48
       78
        
           enable      = true;

+20 -16

hosts/focalor/vfio.nix

···

       1
       1
       -
       programs.virt-manager.enable = true;

     

       2
       2
       -
       virtualisation.spiceUSBRedirection.enable = true;

     

       3
       3
       -
       virtualisation.libvirtd = {

     

       4
       4
       -
         enable = true;

     

       5
       5
       -
         qemu = {

     

       6
       6
       -
           package = pkgs.qemu_kvm;

     

       7
       7
       -
           runAsRoot = true;

     

       8
       8
       -
           swtpm.enable = true;

     

       9
       9
       -
           ovmf = {

     

       10
       10
       -
             enable = true;

     

       11
       11
       -
             packages = [(pkgs.OVMF.override {

     

       12
       12
       -
               secureBoot = true;

     

       13
       13
       -
               tpmSupport = true;

     

       14
       14
       -
             }).fd];

     

       1
       1
       +
       { config, lib, system, pkgs, modulesPath, inputs, ... }:

     

       2
       2
       +
       

     

       3
       3
       +
       {

     

       4
       4
       +
         programs.virt-manager.enable = true;

     

       5
       5
       +
         virtualisation.spiceUSBRedirection.enable = true;

     

       6
       6
       +
         virtualisation.libvirtd = {

     

       7
       7
       +
           enable = true;

     

       8
       8
       +
           qemu = {

     

       9
       9
       +
             package = pkgs.qemu_kvm;

     

       10
       10
       +
             runAsRoot = true;

     

       11
       11
       +
             swtpm.enable = true;

     

       12
       12
       +
             ovmf = {

     

       13
       13
       +
               enable = true;

     

       14
       14
       +
               packages = [(pkgs.OVMF.override {

     

       15
       15
       +
                 secureBoot = true;

     

       16
       16
       +
                 tpmSupport = true;

     

       17
       17
       +
               }).fd];

     

       18
       18
       +
             };

     

       15
       19
        
           };

     

       16
       20
        
         };

     

       17
       17
       -
       };

     

       18
       21
        
       

     

       19
       19
       -
       users.extraUsers.regent.extraGroups = [ "libvirtd" ];
     

       22
       22
       +
         users.extraUsers.regent.extraGroups = [ "libvirtd" ];

     

       23
       23
       +
       }